🚀RELEASE 0.6.0

ref #2

CHANGELOG.md

@@ -2,8 +2,65 @@
 
 All notable changes to this project will be documented in this file. Dates are displayed in UTC.
 
+#### [0.6.0](https://git.odit.services/kauft.es/linkylinky/compare/0.5.1...0.6.0)
+
+- Now with custom opengraph (tm) [`9d7125a`](https://git.odit.services/kauft.es/linkylinky/commit/9d7125a31186f3b7f33df4875db12c67cf91f536)
+- Added rudementary page content [`e1621b7`](https://git.odit.services/kauft.es/linkylinky/commit/e1621b72ade1fce381f30bcf310a6dcf8d1c65ea)
+- Added migration for disallowing bot previews [`0a500f1`](https://git.odit.services/kauft.es/linkylinky/commit/0a500f16cde0b0e38a115dd4e76185a2a45dda49)
+- Added basic bot checking [`61da5d8`](https://git.odit.services/kauft.es/linkylinky/commit/61da5d81108a4b86f92e1c05ca99372c6b188347)
+- Now with working bad bot detection [`75adbf7`](https://git.odit.services/kauft.es/linkylinky/commit/75adbf73cfbf4fadf2cd632ecb687eff95749f52)
+- New urls can now be created with disabled preview [`33d7c94`](https://git.odit.services/kauft.es/linkylinky/commit/33d7c94648d062ece3fa437e71ce1ded70324cd8)
+- Added bot check for native short urls [`f6b2ae5`](https://git.odit.services/kauft.es/linkylinky/commit/f6b2ae523da149b72f2be6d9171584cdc0be6e99)
+- Added package for bot recognition [`773b286`](https://git.odit.services/kauft.es/linkylinky/commit/773b286216c9e530ccdf3fbfcfe95fa938097be5)
+- Getters now return the no_preview status [`e5b8557`](https://git.odit.services/kauft.es/linkylinky/commit/e5b8557e4ccae90981e675c2adae81236aa9144e)
+- Added noindex header to all shorturl routes [`0a8945a`](https://git.odit.services/kauft.es/linkylinky/commit/0a8945a294de2bc5bce9410f3ebf20b8f5abd0a5)
+- Switched docker base images to odit mirror [`d8ed9a1`](https://git.odit.services/kauft.es/linkylinky/commit/d8ed9a149fddae8e8cc61b78cbc940a9d7ade8f2)
+- Updated opengraph type [`b64a843`](https://git.odit.services/kauft.es/linkylinky/commit/b64a8436e745d176cc49ef72434dce0f8f1bcc12)
+- Log user agents [`f15282a`](https://git.odit.services/kauft.es/linkylinky/commit/f15282a3f9bdaaf09a36d8662b64a5bc2740633f)
+- Removed unused log [`6d71a3e`](https://git.odit.services/kauft.es/linkylinky/commit/6d71a3ebf4d880b8291cacd620f86416cff0d744)
+- removed logging [`d097ecc`](https://git.odit.services/kauft.es/linkylinky/commit/d097eccbd925e3627fa710d7891d269b372d174c)
+
+#### [0.5.1](https://git.odit.services/kauft.es/linkylinky/compare/0.5.0...0.5.1)
+
+> 21 August 2021
+
+- 🚀RELEASE 0.5.1 [`b871e42`](https://git.odit.services/kauft.es/linkylinky/commit/b871e4295dc4b067f4f4dd28c3f940c8aa9624e0)
+- Added endpoint to query over all visited urls [`bb99c2d`](https://git.odit.services/kauft.es/linkylinky/commit/bb99c2dcd1ce89af1bc27a035be5265345d2a05f)
+- Added optional filtering by provider [`0945060`](https://git.odit.services/kauft.es/linkylinky/commit/0945060a49ed35c038df2c04bbd07174bc5654ca)
+- Shortened return to avoid variable memory asignment [`f7eae96`](https://git.odit.services/kauft.es/linkylinky/commit/f7eae96b8c3479d333fc00bc36bce451733700db)
+- Changed object property order (just for us pesky humans to improve readability) [`c2a50a1`](https://git.odit.services/kauft.es/linkylinky/commit/c2a50a14807e223987464c63fac6d67ed98b1a93)
+
+#### [0.5.0](https://git.odit.services/kauft.es/linkylinky/compare/0.4.3...0.5.0)
+
+> 21 August 2021
+
+- 🚀RELEASE 0.5.0 [`e8382fb`](https://git.odit.services/kauft.es/linkylinky/commit/e8382fb579f769364693974cbe74ce06e9810a9a)
+- Removed visits 404 resolution [`59e1784`](https://git.odit.services/kauft.es/linkylinky/commit/59e178476e8f7e64de92ae23e859b87680e7af64)
+- Added migration for visits provider [`f48159b`](https://git.odit.services/kauft.es/linkylinky/commit/f48159b31bcaf7c7449c89fb1e3851bcb04f5e3c)
+- Reverted last change since we can defer it from the provider [`b532137`](https://git.odit.services/kauft.es/linkylinky/commit/b5321377bde9bd7de13e2eee4dd38a072cf0d4a3)
+- Changed the way visits entrys get compiled to enable provider visits count searches over the default api [`6e26bbb`](https://git.odit.services/kauft.es/linkylinky/commit/6e26bbbf5f29e4c1eaa56c5dc41ab77c192d0cfb)
+- Server now inserts provider on visit [`824c109`](https://git.odit.services/kauft.es/linkylinky/commit/824c109a420efd0e1e6de01d93827020f3fe5a5f)
+- Added package script for migration creation [`6195001`](https://git.odit.services/kauft.es/linkylinky/commit/6195001d4b701d39470ff4be0e265f9afb288e78)
+
+#### [0.4.3](https://git.odit.services/kauft.es/linkylinky/compare/0.4.2...0.4.3)
+
+> 21 August 2021
+
+- Fixed auth error crashing the entire server thanks to fastify handling stuff not the same way that they do in the docs..... [`#1`](https://git.odit.services/kauft.es/linkylinky/issues/1)
+- 🚀RELEASE 0.4.3 [`0afa803`](https://git.odit.services/kauft.es/linkylinky/commit/0afa80345d47e09e20d4365634f8532248b2044c)
+
+#### [0.4.2](https://git.odit.services/kauft.es/linkylinky/compare/0.4.1...0.4.2)
+
+> 18 August 2021
+
+- Changed register api route and added user deletion route [`588f3ba`](https://git.odit.services/kauft.es/linkylinky/commit/588f3bae8980f76461d20e15475ec797078b0b54)
+- 🚀RELEASE 0.4.2 [`4ffc06d`](https://git.odit.services/kauft.es/linkylinky/commit/4ffc06db7bb84bc7bfc9c57a80927f7201185274)
+
 #### [0.4.1](https://git.odit.services/kauft.es/linkylinky/compare/0.4.0...0.4.1)
 
+> 18 August 2021
+
+- 🚀RELEASE 0.4.1 [`d889432`](https://git.odit.services/kauft.es/linkylinky/commit/d889432ce8a403f6a609423eaf458a5904dc5b98)
 - Fixed jwtcount not being recognized [`44830f0`](https://git.odit.services/kauft.es/linkylinky/commit/44830f08bc212f8079b5ac2da3d51eedbe6d5c41)
 
 #### [0.4.0](https://git.odit.services/kauft.es/linkylinky/compare/0.3.0...0.4.0)

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16.6.2-alpine3.14
+FROM registry.odit.services/hub/library/node:16.6.2-alpine3.14
 WORKDIR /app
 COPY package.json .
 COPY yarn.lock .
@@ -9,7 +9,7 @@ COPY knexfile.js ./
 RUN mkdir db
 # 
 # FROM astefanutti/scratch-node:16.0.0
-FROM node:16.6.2-alpine3.14
+FROM registry.odit.services/hub/library/node:16.6.2-alpine3.14
 WORKDIR /app
 COPY --from=0 /app /app
 ENV NODE_ENV production

migrations/20210821094219_visits_providers.js

@@ -0,0 +1,10 @@
+
+exports.up = function(knex) {
+    return knex.schema.table('visits', function (table) {
+        table.text('provider').defaultTo("N/A");
+    });
+};
+
+exports.down = function(knex) {
+  
+};

migrations/20210925171533_bot_preview.js

@@ -0,0 +1,10 @@
+
+exports.up = function(knex) {
+    return knex.schema.table('urls', function (table) {
+        table.boolean('no_preview').defaultTo(false);
+    });
+};
+
+exports.down = function(knex) {
+  
+};

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@odit/shortener-backend",
-  "version": "0.4.1",
+  "version": "0.6.0",
   "main": "index.js",
   "license": "MIT",
   "private": false,
@@ -20,7 +20,8 @@
     "dev": "nodemon src/server.js",
     "start": "node src/server.js",
     "migrate": "knex migrate:latest",
-    "release": "release-it"
+    "release": "release-it",
+    "create:migration": "knex migrate:make"
   },
   "dependencies": {
     "argon2": "^0.28.2",
@@ -30,6 +31,7 @@
     "fastify-basic-auth": "^2.1.0",
     "fastify-cors": "^6.0.2",
     "fastify-jwt": "^3.0.1",
+    "isbot": "^3.3.3",
     "knex": "^0.21.21",
     "sqlite3": "^5.0.2",
     "uniqid": "^5.3.0"

src/server.js

@@ -2,6 +2,7 @@ const fastify = require('fastify')({ logger: true })
 var uniqid = require('uniqid');
 require('dotenv').config();
 const argon2 = require('argon2');
+const isBot = require('isbot')
 
 let config = {
     domain: process.env.DOMAIN || "localhost:3000",
@@ -45,44 +46,54 @@ fastify.decorate('verifyJWT', function async(request, reply, done) {
 
     fastify.jwt.verify(token, async (err, decoded) => {
         if (err) {
-            fastify.log.error(err)
-            done(new Error("JWT Validation failed"))
+            fastify.log.error("JWT validation failed:")
+            done(new Error("JWT Validation failed"));
         }
-        fastify.log.info(`Token verified. User is ${decoded.payload.user}`);
-        request.user = decoded.payload.user;
+        else {
+            if (!decoded.payload) {
+                done(new Error("JWT is empty"));
+            }
+            fastify.log.info(`Token verified. User is ${decoded.payload.user}`);
 
-        const jwtcount = (await knex.select('jwtcount')
-            .from('users')
-            .where('username', '=', decoded.payload.user)
-            .limit(1))[0].jwtcount;
+            const jwtcount = (await knex.select('jwtcount')
+                .from('users')
+                .where('username', '=', decoded.payload.user)
+                .limit(1))[0].jwtcount;
 
-        if (decoded.payload.jwtcount < jwtcount) {
-            fastify.log.error("Auth ended at jwtcount")
-            done(new Error("JWT in no longer valid"))
+            if (decoded.payload.jwtcount < jwtcount) {
+                fastify.log.error("Auth ended at jwtcount")
+                done(new Error("JWT in no longer valid"))
+            }
+            else {
+                fastify.log.info(`JWT count verified`);
+                request.user = decoded.payload.user;
+                done()
+            }
         }
-        fastify.log.info(`JWT count verified`);
-        done()
     })
-
 })
 
 //Automagic Amazn redirects on /a/
 fastify.get('/a/:id', async (req, res) => {
     res.redirect(302, `https://amazon.de/dp/${req.params.id}`)
+    await knex('visits').insert({ shortcode: req.params.id, provider: 'a' });
 })
 
 //Automagic Youtube redirects on /yt/
 fastify.get('/yt/:id', async (req, res) => {
     res.redirect(302, `https://youtu.be/${req.params.id}`)
+    await knex('visits').insert({ shortcode: req.params.id, provider: 'yt' });
 })
 //Automagic Youtube Playlist redirects on /ytpl/
 fastify.get('/ytpl/:id', async (req, res) => {
     res.redirect(302, `https://youtube.com/playlist?list=${req.params.id}`)
+    await knex('visits').insert({ shortcode: req.params.id, provider: 'ytpl' });
 })
 
 //Automagic ebay item redirects on /e/
 fastify.get('/e/:id', async (req, res) => {
     res.redirect(302, `https://ebay.de/itm/${req.params.id}`)
+    await knex('visits').insert({ shortcode: req.params.id, provider: 'e' });
 })
 
 //Normal shorturls
@@ -93,15 +104,46 @@ fastify.get('/:shortcode', async (req, res) => {
     if (!shortcode) {
         return 404;
     }
-    const target = await knex.select('target')
+    const target = await knex.select('target', 'no_preview')
         .from('urls')
         .where('shortcode', '=', shortcode)
         .limit(1);
     if (!target[0]) {
         return 404
     }
+
+    if (isBot(req.headers['user-agent']) && target[0].no_preview) {
+        return `
+        <!DOCTYPE html>
+        <html lang="en">
+        <head>
+            <meta charset="UTF-8">
+            <meta http-equiv="X-UA-Compatible" content="IE=edge">
+            <meta name="viewport" content="width=device-width, initial-scale=1.0">
+            <meta property="og:title" content="LinkyLinky">
+            <meta property="og:site_name" content="LinkyLinky by Kauft.es">
+            <meta property="og:url" content="https://kauft.es/">
+            <meta property="og:description" content="LinkyLinky by Kauft.es is a custom url shortener. You're reading this, b/c someone doesn't want their shorturl to be indexed by bots/crawlers/spiders.">
+            <meta property="og:type" content="article">
+            <meta property="og:image" content="https://kauft.es/dashboard/icon_128.png">
+
+            <title>LinkyLinky</title>
+        </head>
+        <body>
+        <p align="center">
+        <img height="150" src="https://kauft.es/dashboard/icon_128.png">
+        <h1 align="center">LinkyLinky 🔗</h1>
+        <h3 align="center">A small url shortener, originaly developed for kauft.es</h3>
+        <p>LinkyLinky by Kauft.es is a custom url shortener.<br>
+        You're reading this, b/c someone doesn't want their shorturl to be indexed by bots/crawlers/spiders.</p>
+        </p>        
+        </body>
+        </html>
+        `;
+    }
+
     res.redirect(302, target[0].target);
-    await knex('visits').insert({ shortcode });
+    await knex('visits').insert({ shortcode, provider: 'native' });
 })
 
 //Create new url schema
@@ -111,6 +153,7 @@ const newUrlSchema = {
         properties: {
             target: { type: 'string' },
             shortcode: { type: 'string' },
+            no_preview: { type: 'boolean' },
         }
     }
 };
@@ -119,6 +162,7 @@ const newUrlSchema = {
 fastify.post('/api', { newUrlSchema }, async (req, res) => {
     const target = req.body?.target;
     let shortcode = req.body?.shortcode;
+    let no_preview = req.body?.no_preview || false;
 
     //Check if the user provided a target
     if (!target) {
@@ -138,7 +182,7 @@ fastify.post('/api', { newUrlSchema }, async (req, res) => {
                 return response;
             }
         }
-        const exists = await knex.select('shortcode')
+        const exists = await knex.select('shortcode', 'no_preview')
             .from('urls')
             .where('target', '=', target)
             .limit(1);
@@ -147,7 +191,8 @@ fastify.post('/api', { newUrlSchema }, async (req, res) => {
             return {
                 url: `${config.getBaseUrl()}/${shortcode}`,
                 shortcode,
-                target
+                target,
+                no_preview: exists[0].no_preview
             }
         }
         shortcode = uniqid();
@@ -169,12 +214,13 @@ fastify.post('/api', { newUrlSchema }, async (req, res) => {
     }
 
     //Create a new db entry
-    await knex('urls').insert({ target, shortcode });
+    await knex('urls').insert({ target, shortcode, no_preview });
 
     return {
         url: `${config.getBaseUrl()}/${shortcode}`,
         shortcode,
-        target
+        target,
+        no_preview
     }
 });
 
@@ -201,7 +247,7 @@ fastify.get('/api/:shortcode', async (req, res) => {
         return 404;
     }
 
-    const exists = await knex.select('shortcode', 'target')
+    const exists = await knex.select('shortcode', 'target', 'no_preview')
         .from('urls')
         .where('shortcode', '=', shortcode)
         .limit(1);
@@ -217,13 +263,14 @@ fastify.get('/api/:shortcode', async (req, res) => {
         url: `${config.getBaseUrl()}/${exists[0].shortcode}`,
         shortcode: exists[0].shortcode,
         target: exists[0].target,
+        no_preview: exists[0].no_preview,
         visits: visits.length
     }
 });
 
 
 //User registration
-fastify.post('/api/register', async (req, res) => {
+fastify.post('/api/auth/register', async (req, res) => {
     if (!config.registrationEnabled) {
         res.statusCode = 400;
         return "Registration was disabled by your admin";
@@ -257,7 +304,7 @@ fastify.post('/api/register', async (req, res) => {
 
 //Anything in here has some kind of auth
 fastify.after(() => {
-    //Get url api route
+    //Get url visits api route
     fastify.get('/api/:shortcode/visits', { onRequest: fastify.auth([fastify.basicAuth, fastify.verifyJWT]) }, async (req, res) => {
         const shortcode = req.params.shortcode;
 
@@ -266,21 +313,24 @@ fastify.after(() => {
             return 404;
         }
 
-        const exists = await knex.select('shortcode', 'target')
-            .from('urls')
-            .where('shortcode', '=', shortcode)
-            .limit(1);
-        if (exists.length == 0) {
-            return 404;
-        }
-
-        const visits = await knex.select('timestamp')
+        const visits = await knex.select('timestamp', 'provider')
             .from('visits')
             .where('shortcode', '=', shortcode);
 
         return visits;
     });
 
+    //Get all visits api route
+    fastify.get('/api/visits', { onRequest: fastify.auth([fastify.basicAuth, fastify.verifyJWT]) }, async (req, res) => {
+        if (req.query.provider) {
+            return await knex.select('shortcode', 'provider', 'timestamp')
+                .from('visits')
+                .where("provider", "=", req.query.provider);
+        }
+        return await knex.select('shortcode', 'provider', 'timestamp')
+            .from('visits');
+    });
+
     //Get url api route
     fastify.delete('/api/:shortcode', { onRequest: fastify.auth([fastify.basicAuth, fastify.verifyJWT]) }, async (req, res) => {
         const shortcode = req.params.shortcode;
@@ -300,7 +350,7 @@ fastify.after(() => {
 
     //Get all urls api route
     fastify.get('/api', { onRequest: fastify.auth([fastify.basicAuth, fastify.verifyJWT]) }, async (req, res) => {
-        urls = await knex.select('target', 'shortcode')
+        urls = await knex.select('target', 'shortcode', 'no_preview')
             .from('urls');
 
         for (let url of urls) {
@@ -347,6 +397,14 @@ fastify.after(() => {
         return "Done!";
     });
 
+    fastify.post('/api/auth/deleteme', { onRequest: fastify.auth([fastify.basicAuth, fastify.verifyJWT]) }, async (req, reply) => {
+        await knex('users')
+            .where('username', '=', req.user)
+            .delete();
+
+        return "Done!";
+    });
+
 });
 
 

yarn.lock

@@ -2228,6 +2228,11 @@ isarray@1.0.0, isarray@~1.0.0:
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
   integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=
 
+isbot@^3.3.3:
+  version "3.3.3"
+  resolved "https://registry.yarnpkg.com/isbot/-/isbot-3.3.3.tgz#6a2124a6c1dda5db2d0060c4e292b346ecbd2249"
+  integrity sha512-a3HFPPsvtLroqpuTHHJTaUpPHUO0vjPbptJDzJYkymRvOI8tugWM6zE2oq22w5VOq4A5hrX+YRS7VdIPAgWLfw==
+
 isexe@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10"